Follow Us On Social Media

When I say Ransomware, the first nasty piece of malware strikes in the mind is CryptoLocker. A nasty strain of ransomware malware that threatened most of the people around the world by effectively destroying important files of the victims forever.

CRYPTOLOCKER - A DEVASTATING THREAT

CryptoLocker is a simple rather a devastating piece of Ransomware that encrypts the files on a victim’s computer and issues an ultimatum - Pay up or lose your data.

CryptoLocker is particularly designed to extort money from computer users by holding computer files hostage until the computer user pays a ransom fee to get them back. Cryptolocker hijacker sniffs out your personal files and wraps them with strong AES-256-bit encryption before it demands money.

HOW TO DECRYPT CRYPTOLOCKER? FREE TOOL RELEASED

Thanks to security experts, who created an online service where victims whose systems have been encrypted by the CryptoLocker ransomware can get the decryption keys for free.

This online portal has been created by the security researchers from Security software and services firms Fireeye and Fox-IT. The researchers created the portal after they used a copy of CryptoLocker's database of victims that was obtained during the recent takedown of the GameOver Zeus botnet, which was used to distribute the ransomware.

"This time we basically got lucky," said Michael Sandee, principal analyst at Fox-IT, one of the security firms which helped uncover the cybercrime group behind Cryptolocker.

The infrastructure of Cryptolocker and other malware was taken down in June under a campaign known as Operation Tovar, but there are still many cases where this nasty strain of ransomware is infecting users, according to Fireeye.

“After the success of Operation Tovar, there were few resources available to help decrypt files that were still encrypted with the attacker’s private key,” Fireeye explains in a blog post.

CRYPTOLOCKER DEMANDS $500, BUT ONLINE DECRYPTION TOOL IS FREE

Where CryptoLocker ransomware forced its victim to pay upto $500 in Bitcoins within 72 hours for the private keys necessary to unlock personal files, on the other hand, the security firms are providing the private decryption keys for free via the just-launched Decrypt CryptoLocker website.

According to FBI estimates from June, more than 500,000 people fell victim to CryptoLocker between September 2013 and May 2014. Fox-IT says around 1.3 percent of victims paid to free their files, which indicates, the malware earned its makers around $3 million before the criminal network was smashed by authorities and security researchers in May.

HOW TO DECRYPT FILES INFECTED BY CRYPTOLOCKER

You only need a master decryption key in order to decrypt the locked files.

Upload an email address and one of the encrypted files (one that should have no sensitive information).

The online tool will scan the file to figure out the encryption specifics, and then send you a recovery program and master decryption key via an email. You can take that key and the free decryptolocker.exe command line tool and decrypt your files.

FireEye warns that some data might not be recoverable, particularly if you've been infected by a CryptoLocker variant rather than CryptoLocker itself. You need to keep this in mind that there are many Cryptolocker variants with the names like PrisonLocker, CryptoDefense, TorLocker and CryptorBit, so the tool may not work against them.